We examine a novel proposal wherein a user who hands off her data to a web service has complete choice over the code and policies that constrain access to her data. Such an approach is possible if the web service does not require raw access to the user's data to implement its functionality; access to a carefully chosen interface to the data suffices. Our data preserver framework rearchitects such web services around the notion of a preserver, an object that encapsulates the user's data with code and policies chosen by the user. Our framework relies on a variety of deployment mechanisms, such as administrative isolation, software-based isolation (e.g., virtual machines), and hardware-based isolation (e.g., trusted platform modules) to enforce that the service interacts with the preserver only via the chosen interface. Our prototype implementation illustrates three such web services, and we evaluate the cost of privacy in our framework by characterizing the performance overhead compared to the status quo.